Design/Logic Flaw

HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...

CVE-2020-9519

The CVE-2020-9519 entry concerns Micro Focus Service Manager (server) with an exposure of configuration data. Affected versions are 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, and 9.63. The documents indicate the issue arises from handling HTTP methods in web services, enabling partial confid...

CVE-2020-9519

HTTP methods reveled in Web services vulnerability in Micro Focus Service manager server, affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data...

CVE-2019-11667

Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data...

Design/Logic Flaw

Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data...

HP Service Manager RCE Vulnerability (Jul 2016)

HP Service Manager is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-2025

HPE Service Manager 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote attackers to obtain sensitive information via unspecified vectors, related to the Web Client, Service Request Catalog, and Mobility components...

HPE Asset Manager Arbitrary Code Execution Vulnerability

HP AssetManager is a solution for managing the lifecycle of IT assets. A security vulnerability exists in HPE Asset Manager 9.40, 9.41, 9.50, and Asset Manager CloudSystem Chargeback 9.40, which can be exploited by remote attackers to execute arbitrary commands via constructed serialized Java...

HPE Service Manager (SM) Arbitrary Command Execution Vulnerability

HPE Service Manager SM is IT service management software. A security vulnerability in HPE Service Manager SM versions 9.3x prior to 9.35 P4 and 9.4x prior to 9.41.P2 allows remote attackers to execute arbitrary commands via a crafted serialized Java object...

CVE-2015-5448

HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows local users to obtain sensitive information via unspecified vectors...

Directory traversal

Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120...

CVE-2014-2611

Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120...

Authentication flaw

The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116...